<?php 
if (isset($_POST['myusername'])) {
    $mysqli = new mysqli('localhost', 'root', '', 'frcc_test'); 

// Define $myusername and $mypassword 
$myusername=$_POST['myusername']; 
$mypassword=$_POST['mypassword']; 

// To protect MySQL injection (more detail about MySQL injection)
$uid = stripslashes($myusername);
$pwd = stripslashes($mypassword);

/* prepare insert statement */
$mysqli->query("SET NAMES 'utf8'");
    $sql = "DELETE from directory where uid = ? and pwd = ? ";
 
    if ($stmt = $mysqli->prepare($sql)) 
    {
        $stmt->bind_param("ss", $uid, $pwd);
        $stmt->execute();
 
        //echo "Number of user records deleted: " . $stmt->affected_rows;
        // clean up your mess!
        $stmt->close();
    }
    else
    {
        die("Could not prepare SQL statement: $sql");
    }
 
    $mysqli->close();
    header("location:showmember.php");
} else {
?>

<table width="432" height="229" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
<tr>
<form name="form1" method="post" action="deletemember.php">
<td>
<table width="83%" border="0" cellpadding="3" cellspacing="1" bgcolor="#FFFFFF">
<tr>
    <td colspan="3"><strong>Delete Member </strong></td>
</tr>
<tr>
<td width="127">Username:</td>
<td width="214"><input name="myusername" type="text" id="myusername"></td>
</tr>
<tr>
<td>Password:</td>
<td><input name="mypassword" type="text" id="mypassword"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td><input type="submit" name="Submit" value="Delete"></td>
</tr>
</table>
</td>
</form>
</tr>
</table>
<?php } ?>
</body>
</html>